RCL CRUISES LTD – €15,000 Fine (Spain, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
RCL CRUISES LTD was fined for sending an email that included someone else's personal information. This is important because it shows that companies need to protect personal data and prevent unauthorized sharing. Failing to do so can result in significant fines.
What happened
RCL CRUISES LTD sent an email containing personal data of another individual to someone who requested information.
Who was affected
The individual who received the email and the person whose data was shared without consent were affected.
What the authority found
The Spanish data protection authority found that RCL CRUISES LTD did not take proper measures to protect personal data, violating GDPR requirements.
Why this matters
This ruling emphasizes the need for companies to implement strong data protection measures. Businesses should regularly review their security practices to avoid similar mistakes.
GDPR Articles Cited
The Spanish DPA has imposed a fine of EUR 15,000 on RCL CRUISES LTD. An individual had filed a complaint with the DPA. The individual, after requesting information about a cruise ship by e-mail, had received an e-mail from the controller containing personal data of another individual. The DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data.
Related Enforcement Actions (0)
No other enforcement actions found for RCL CRUISES LTD in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
7 July 2023
Authority
Agencia Española de Protección de Datos
Fine Amount
€15,000
Enforcement Tracker ID
ETid-1942
About this data
Cite as: Cookie Fines. RCL CRUISES LTD - Spain (2023). Retrieved from cookiefines.eu
Last updated: